Lab 02: Docker and Dockerized Wordpress - Hsanokklis/2023-2024-Tech-journal GitHub Wiki

Pre Lab Info and Specifications:

In this lab, we are using Ubuntu rather than CentOS.

Will need to figure out how to use:

  • netplan to configure a static IP address using /etc/netplan/00-installer-config.yaml
  • update cloud.cfg to save the new hostname
  • manually update the hostname
  • the hosts file

Configurations to be done:

  • Network System (LAN)
  • DNS records
  • hostname
  • domain suffix (joining the domain)
  • named sudo user
  • disable remote root SSH

Note: Ubuntu has different groups for admins than CentOS. (Hint: use the id command as champuser to figure out what groups your named admin should be in)


Docker01-hannelore configuration

Connect Docker01 to LAN

image

Make a Named sudo user

  • adduser hannelore
  • usermod -aG sudo hannelore
  • groups hannelore
    • to view the group the new user is in

image

Link used: https://www.digitalocean.com/community/tutorials/how-to-add-and-delete-users-on-ubuntu-20-04

Configure Network settings with Netplan

  • sudo vi /etc/netplan/00-installer-config.yaml

image

  • sudo netplan apply

NOTE: NETPLAN IS A LITTLE MENACE ABOUT INDENTATION, so you have to be exactly right with the indentation or the configuration will not work.


Change the Hostname to docker01-hannelore

  • hostnamectl set-hostname docker01-hannelore

image

You can also change the "pretty" hostname which is the hostname that is displayed to the user and not the one that other devices know the machine by. The command for that is hostnamectl set-hostname "new-hostname" --pretty

  • sudo vi /etc/hosts

image

Link used: https://phoenixnap.com/kb/ubuntu-20-04-change-hostname

Link: https://pimylifeup.com/ubuntu-hosts-file/

add the IP and hostname to the bottom

update cloud.cfg to save the new hostname

  • vi /etc/cloud/cloud.cfg
  • add hostname: docker01-hannelore under preserve_hostname: true
    • this makes it so that cloud-init doesn't override the hostname on reboot

image

Alternatively, you can use the command sudo hostnamectl set-hostname my.persistent.hostname to make the hostname persistent.

In Ubuntu (and other Linux distributions), cloud-init is a package that handles early initialization of cloud instances. It's commonly used in cloud computing environments like Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, and others.

cloud-init facilitates the automatic configuration of instances when they boot up for the first time or when they're launched. It supports various cloud providers and allows you to specify configuration details like setting up users, SSH keys, hostname, networking, packages to install, and much more through configuration files.

https://cloudinit.readthedocs.io/en/latest/

Link used: https://stackoverflow.com/questions/38113380/how-do-i-stop-cloud-init-from-overwriting-my-hostname-on-aws-centos

disable remote root SSH

  • sudo vi /etc/ssh/sshd_config
  • Set PermitRootLogin to no

image

Link used: https://www.ionos.com/help/server-cloud-infrastructure/getting-started/important-security-information-for-your-server/deactivating-the-ssh-root-login/
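A check for the PermitRootLogin edit above, added here as an example (it is not part of the original lab notes). It applies sshd's parsing rules to the file's text, and the sample config is constructed:

```shell
#!/bin/sh
# Added example. Reads sshd_config text on stdin and prints the global
# PermitRootLogin value sshd would take from it, or "unset".
# Rules applied: keywords are case-insensitive, "Keyword=value" is accepted,
# commented lines do not count, the first value read wins, and settings inside
# a Match block are conditional, so parsing stops at the first Match.
effective_permit_root_login() {
    awk '
        /^[ \t]*#/ { next }                       # commented-out setting
        NF == 0    { next }                       # blank line
        { sub(/[ \t]*=[ \t]*/, " ") }             # normalise Keyword=value
        tolower($1) == "match" { exit }           # global section ends here
        tolower($1) == "permitrootlogin" { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    '
}

# Constructed sample: the stock line is still commented out, then two live lines.
SAMPLE_SSHD_CONFIG='#PermitRootLogin prohibit-password
PasswordAuthentication yes
permitrootlogin no
PermitRootLogin yes
Match User backup
    PermitRootLogin forced-commands-only'

# The first live line wins, so the later "yes" has no effect.
printf '%s\n' "$SAMPLE_SSHD_CONFIG" | effective_permit_root_login
```

"unset" means the OpenSSH default (prohibit-password) applies, which still allows key-based root logins. The function does not follow Include lines, so confirm what the daemon resolves with sudo sshd -T | grep -i permitrootlogin, and remember the edit only takes effect once sshd is reloaded.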

Create DNS records for docker01-hannelore

image

Join docker01-hannelore to the domain

  • sudo apt-get install realmd
  • realm discover hannelore.local

image

  • sudo apt install sssd sssd-tools libnss-sss libpam-sss adcli samba-common-bin oddjob oddjob-mkhomedir packagekit
  • sudo realm join hannelore.local
  • realm list

image

TROUBLESHOOTING: I went down a rabbit hole when trying to join docker01-hannelore to the domain and I messed some things up in my configurations. I followed this video to attempt to do this but ended up causing more issues than not.

I did these commands:

  • systemctl disable systemd-resolved.service
  • Edited the /etc/resolv.conf file
  • changed the name server to 10.0.5.5

image

After doing this and editing the resolv.conf file, it disappeared and then my machine could not resolve the hostname of docker01-hannelore. To fix this I had to start the systemd-resolved service again with:

  • systemctl enable systemd-resolved.service
  • systemctl start systemd-resolved.service

This fixed the issue and below is the file back and good after I joined the domain in the correct way. (Maybe when a file says do not edit, you shouldn't edit it.)

image

Deliverable 1. Screenshot showing PuTTY or powershell SSH session from mgmt01 (use hostname, not ip address). Elevate to root using sudo -i and within the session, ping champlain.edu.

Successful SSH to docker01-hannelore

image

sudo, hostname and ping

image

Install Docker

  • sudo apt update
  • sudo apt install apt-transport-https ca-certificates curl software-properties-common
  • curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
  • sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
  • apt-cache policy docker-ce
  • sudo apt install docker-ce
  • sudo systemctl status docker

Link used: https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-20-04

Deliverable 2. Confirm the Docker Service is running

image

Deliverable 3. Confirm that your sudo user can access and print out version information

image

Docker Hello-World

Deliverable 4. After running the docker hello world application as your named user & providing a screenshot similar to the one below, explain what has happened?

image

Install Docker-Compose

  • sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
  • sudo chmod +x /usr/local/bin/docker-compose
  • docker-compose --version

image

Deliverable 5. Provide a screenshot similar to the one below that shows the docker-compose version.

image

Hello SYS265

The following command pulls down an Arch Linux based docker image, invokes it in a container, and runs /bin/echo "HELLO SYS265 SNOWY DAYS" before deleting the container.

  • docker run --rm archlinux:latest /bin/echo "HELLO SYS265 SNOWY DAYS"

Deliverable 6. Provide a screenshot similar to the one below showing your "Hello Message"

image

Listing docker images

image

Docker Arch Linux Container

do the following commands:

  • cat /etc/lsb-release
    • Print out the current version of Ubuntu on docker01
  • echo "Current Kernel is: $(uname -a)"
    • Print out the current version of docker01's Linux kernel
  • docker run -it archlinux /bin/uname -a
    • Invoke a container from the stored Arch Linux image with an interactive terminal (-it).
    • Print out the kernel being used by the Arch Linux container.

Deliverable 7. Provide a screenshot similar to the one below and an answer to the question: Based upon the version of kernels you see displayed within and outside of the container, what do you think is going on?

image

Docker Web Application

The following command will pull down the image, application and dependencies associated with a simple python web application.

  • docker run -d -P training/webapp python app.py
  • docker ps

image

Deliverable 8. Research the docker run command. What does the -d and -P mean?

The docker run command runs a command in a new container which will pull and start the container.

-d or --detach means that it will run the container in the background so that it doesn't occupy the current terminal session.

-P or --publish-all will publish all exposed ports to random ports, meaning that docker binds each exposed port within the container to a random port on the host machine.

link used: https://docs.docker.com/engine/reference/commandline/container_run/

Docker Networking

Take a look at your output, you should have a data element that looks similar to the one highlighted below, but likely not the same.

image

We will call this “PortX”

Add port 32768/tcp to firewall

Docker has configured packet forwarding on your base OS. In this case, traffic destined to host port PortX/tcp will be sent to the containerized application listening on 5000/tcp. You will need to allow the port (49153/tcp in this case) that shows up in docker ps through your firewalld firewall and reload.

  • firewall-cmd --permanent --add-port=32768/tcp
  • firewall-cmd --reload
  • firewall-cmd --query-port=32768/tcp

image
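Because -P picks the host port at run time, "PortX" can be read out of docker ps instead of copied by hand. The parser below is an added example, not part of the original lab; the function names and the sample Ports values are constructed for illustration:

```shell
#!/bin/sh
# Added example. Input is the Ports column that `docker ps --format '{{.Ports}}'`
# prints; the sample values below are constructed, not taken from the lab host.

# Print each host port (or range) that is published on every interface, as
# port/proto, the form firewall-cmd --add-port expects. Entries bound to one
# address (127.0.0.1:...) and exposed-only ports (3306/tcp) are left out,
# because neither is reachable from other machines through the host firewall.
wildcard_host_ports() {
    printf '%s\n' "$1" | tr ',' '\n' |
        sed -nE 's#^ *(0\.0\.0\.0|::|\[::\]):([0-9]+(-[0-9]+)?)->[0-9-]+/([a-z]+)$#\2/\4#p' |
        sort -u
}

# Turn those ports into the firewall-cmd calls used on this page.
firewall_commands() {
    for p in $(wildcard_host_ports "$1"); do
        printf 'firewall-cmd --permanent --add-port=%s\n' "$p"
    done
}

# Constructed samples: a -P mapping (IPv4 and IPv6 entries for the same port),
# a loopback-only bind, and ports that are exposed but not published.
firewall_commands '0.0.0.0:32768->5000/tcp, :::32768->5000/tcp'
firewall_commands '127.0.0.1:8080->80/tcp'
firewall_commands '3306/tcp, 33060/tcp'
```

Only the first sample produces a rule; the other two print nothing. The listing also works as an audit of what -P has opened on all interfaces before any firewall change is made.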

Deliverable 9. Screenshot showing a browsing session between mgmt01 and docker01 on the port shown in docker ps (you may have another port)

image

stop the testapp

  • docker ps
  • docker stop stoic_sutherland
  • docker ps

image

TROUBLESHOOTING: For this deliverable I had to use a web browser to browse to docker01. I refused to do it on Internet Explorer, so I attempted to download Google Chrome via Internet Explorer. There were a few problems with doing this, but I highlighted my steps below -->

  • I found the Internet Explorer.exe in the C:\Program Files (x86)
  • I attempted to get to the chrome download page, but it would not load so I went to tools and trusted sites and added google.com as a trusted site.
  • I attempted to set the security levels down, but I did not have access, so I ran Internet Explorer as Admin, and I was able to change the settings, but this still didn't work.
  • I ran the msconfig via the run application and enabled downloads and I also went into User Access Controls and turned it down to the lowest number. Doing this worked!

image

image

image

YOU SHOULD SET YOUR SECURITY POLICIES BACK TO THE DEFAULT ONCE YOU HAVE DOWNLOADED WHAT YOU NEED TO!

While going through all the trouble to get Google Chrome I also decided to download PuTTY as I have been actively attempting to avoid it, but alas I should learn to use it eventually.

https://www.ssh.com/academy/ssh/putty/windows

Dockerized Wordpress

In this example, we will use a docker compose file (docker-compose.yml) to identify the attributes of a wordpress installation to include the operating system, software and database dependencies. We will use docker-compose (as opposed to docker run) to bring up the container.

Docker Compose vs Docker

A Dockerfile is a text document with a series of commands used to build a Docker image. Docker Compose is a tool for defining and running multi-container applications.

Docker run is entirely command line based, while docker-compose reads configuration data from a YAML file, and docker run can only start one container at a time, while docker compose will configure and run multiple.

https://www.theserverside.com/blog/Coffee-Talk-Java-News-Stories-and-Opinions/Docker-run-vs-docker-compose-Whats-the-difference#:~:text=The%20key%20difference%20between%20docker,will%20configure%20and%20run%20multiple.

Configure a wordpress image

Parse instructions on Quickstart: Compose and WordPress to create and configure a new wordpress image. Tip: There are plenty of related sites to achieve this.

image

I did this using this guide --> https://github.com/docker/awesome-compose/blob/master/wordpress-mysql/compose.yaml

Make a project directory

  • mkdir WordPressProject

image

Make a docker-compose file

  • docker-compose.yml
  • paste into Nano -->
    • shift right click

image

image

services:
  db:
    # We use a mariadb image which supports both amd64 & arm64 architecture
    image: mariadb:10.6.4-focal
    # If you really want to use MySQL, uncomment the following line
    #image: mysql:8.0.27
    command: '--default-authentication-plugin=mysql_native_password'
    volumes:
      - db_data:/var/lib/mysql
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=somewordpress
      - MYSQL_DATABASE=wordpress
      - MYSQL_USER=wordpress
      - MYSQL_PASSWORD=wordpress
    expose:
      - 3306
      - 33060
  wordpress:
    image: wordpress:latest
    ports:
      - 80:80
    restart: always
    environment:
      - WORDPRESS_DB_HOST=db
      - WORDPRESS_DB_USER=wordpress
      - WORDPRESS_DB_PASSWORD=wordpress
      - WORDPRESS_DB_NAME=wordpress
volumes:
  db_data:

  • docker-compose up -d

image
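The compose file above carries its database passwords as literals (somewordpress, wordpress). One way to keep them out of the file is sketched below as an added example, not part of the original lab or the awesome-compose project; the function names are illustrative and the demo input is constructed:

```shell
#!/bin/sh
# Added example. docker-compose substitutes ${VAR} from a .env file in the
# project directory, so the environment entries above would become:
#   - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
#   - MYSQL_PASSWORD=${MYSQL_PASSWORD}
#   - WORDPRESS_DB_PASSWORD=${MYSQL_PASSWORD}

# 48 hex characters (192 bits) from the kernel CSPRNG.
random_password() {
    head -c 24 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# Write the .env file, readable by its owner only. Refuses to overwrite: the
# database image applies MYSQL_* only when it first initialises db_data, so a
# regenerated file would lock WordPress out of the existing database.
write_compose_env() {
    [ -e "$1" ] && { echo "refusing to overwrite $1" >&2; return 1; }
    ( umask 077
      {
          printf 'MYSQL_ROOT_PASSWORD=%s\n' "$(random_password)"
          printf 'MYSQL_PASSWORD=%s\n' "$(random_password)"
      } > "$1" )
}

# List *_PASSWORD entries in a compose file that still carry a literal value.
literal_passwords() {
    grep -E '^[[:space:]]*- *[A-Z_]*PASSWORD=' "$1" | grep -vF '=${' |
        sed 's/^[[:space:]]*- *//; s/=.*//'
}

# Demo in a scratch directory; the two compose lines are constructed input
# shaped like the file on this page (one literal, one already substituted).
demo_dir=$(mktemp -d)
printf '%s\n' '      - MYSQL_PASSWORD=wordpress' \
              '      - WORDPRESS_DB_PASSWORD=${MYSQL_PASSWORD}' > "$demo_dir/docker-compose.yml"
literal_passwords "$demo_dir/docker-compose.yml"    # prints MYSQL_PASSWORD
write_compose_env "$demo_dir/.env" && ls -l "$demo_dir/.env"
```

Run write_compose_env before the first docker-compose up -d, and keep the .env file out of version control.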

  • docker ps

image

Successful Connection to WordPress Via a browser!

image

Deliverable 10. Provide a screenshot showing a completed Wordpress installation that contains reference to the course and your name. You should be accessing it by hostname and not IP address.

image